<?php
include("../phpConf/controlador.php");
$input_arr = array(); 
foreach ($_POST as $key => $input_arr) 
{
  $_POST[$key] = addslashes(PrevenirSqlInjection($input_arr)); 
}

if(true)
{
 $sCamp1 = (strlen(trim($_POST['txtNombre']))>0 ? "'".trim($_POST['txtNombre'])."'" : "''");
 $sCamp2 = (strlen(trim($_POST['txtApellido']))>0 ? "'".trim($_POST['txtApellido'])."'" : "''");
 $sCamp3 = (strlen(trim($_POST['txtProfesion']))>0 ? "'".trim($_POST['txtProfesion'])."'" : "''");
 $sCamp4 = (strlen(trim($_POST['txtMail']))>0 ? "'".trim($_POST['txtMail'])."'" : "''");
 $sCamp5 = (strlen(trim($_POST['txtComentario']))>0 ? "'".trim($_POST['txtComentario'])."'" : "''");
 $dbStatement = "INSERT INTO contacto(nombre, apellido, profesion, mail,comentario) VALUES(".$sCamp1.",".$sCamp2.",".$sCamp3.",".$sCamp4.",".$sCamp5.")";
 echo datosGuardados($dbHost,$dbUsr,$dbPwd,$dbBaseDatos,$dbStatement);
}
else
{
  echo "No";    
}
?>